Squid 3.4.x for with transparent ssl proxying/support for Debian Wheezy.

I needed  a variant of Squid which supported transparent SSL interception (i.e via iptables redirection) so I could log outgoing HTTPS requests without the client being aware.

The stock wheezy variant doesn’t support SSL (see : Debian Bug Report).

Even after recompiling Wheezy’s squid3 it didn’t seem to work (perhaps my stupidity) so I ended up moving to the latest-and-greatest squid (3.4.9 at the time of writing) and getting that to work. Brief notes follow.

Continue reading

Postfix – connect from unknown[ip.address]

One server I poke around on, has a number of postfix instances

(see: postmulti).

Interestingly, one instance was logging things like :

Oct 26 22:02:05 mail postfix-blah/smtpd[59158]: connect from unknown[1.2.3.4]
Oct 26 22:02:05 mail postfix-blah/smtpd[59158]: CA9292EE2C0: client=unknown[1.2.3.4]

Continue reading